connmark: Add CAP_NET_RAW to capabilities keep list
authorTim Kent <tim@kent.id.au>
Tue, 25 Oct 2016 06:17:10 +0000 (16:17 +1000)
committerTobias Brunner <tobias@strongswan.org>
Tue, 25 Oct 2016 07:46:23 +0000 (09:46 +0200)
commit87875086d05c0d5b7825a8810cf42da26b67bc04
treecb0ecf4b2cb8b3a0b7a84ec7163776219e990115
parente6a4bd83ffbef5ff00bb614e9b64cba203543845
connmark: Add CAP_NET_RAW to capabilities keep list

Fix for "Permission denied (you must be root)" error when calling
iptc_init(), which opens a RAW socket to communicate with the kernel,
when built with "--with-capabilities=libcap".

Closes strongswan/strongswan#53.
Fixes #2157.
src/libcharon/plugins/connmark/connmark_plugin.c